vendor/ibexa/corporate-account/src/bundle/EventSubscriber/ApplicationRateLimitSubscriber.php line 60

Open in your IDE?
  1. <?php
  3. /**
  4.  * @copyright Copyright (C) Ibexa AS. All rights reserved.
  5.  * @license For full copyright and license information view LICENSE file distributed with this source code.
  6.  */
  7. declare(strict_types=1);
  9. namespace Ibexa\Bundle\CorporateAccount\EventSubscriber;
  11. use Ibexa\Contracts\Core\Repository\Events\Content\BeforeCreateContentEvent;
  12. use Ibexa\Contracts\Core\Repository\PermissionResolver;
  13. use Ibexa\Contracts\Core\Repository\Values\Content\ContentCreateStruct;
  14. use Ibexa\Contracts\Core\Repository\Values\User\UserReference;
  15. use Ibexa\Contracts\Core\SiteAccess\ConfigResolverInterface;
  16. use Ibexa\Contracts\CorporateAccount\Exception\ApplicationRateLimitExceededException;
  17. use Ibexa\CorporateAccount\Configuration\CorporateAccountConfiguration;
  18. use Symfony\Component\EventDispatcher\EventSubscriberInterface;
  19. use Symfony\Component\HttpFoundation\RequestStack;
  20. use Symfony\Component\RateLimiter\RateLimiterFactory;
  22. /**
  23.  * @internal
  24.  */
  25. final class ApplicationRateLimitSubscriber implements EventSubscriberInterface
  26. {
  27.     private const RATE_LIMITER_KEY_PATTERN 'user_%d_ip_%s';
  29.     private RequestStack $requestStack;
  31.     private PermissionResolver $permissionResolver;
  33.     private CorporateAccountConfiguration $configuration;
  35.     private ConfigResolverInterface $configResolver;
  37.     private RateLimiterFactory $corporateAccountApplicationLimiter;
  39.     public function __construct(
  40.         RequestStack $requestStack,
  41.         PermissionResolver $permissionResolver,
  42.         ConfigResolverInterface $configResolver,
  43.         CorporateAccountConfiguration $configuration,
  44.         RateLimiterFactory $corporateAccountApplicationLimiter
  45.     ) {
  46.         $this->requestStack $requestStack;
  47.         $this->permissionResolver $permissionResolver;
  48.         $this->configResolver $configResolver;
  49.         $this->configuration $configuration;
  50.         $this->corporateAccountApplicationLimiter $corporateAccountApplicationLimiter;
  51.     }
  53.     public static function getSubscribedEvents(): array
  54.     {
  55.         return [
  56.             BeforeCreateContentEvent::class => ['onBeforeCreateContent'100],
  57.         ];
  58.     }
  60.     public function onBeforeCreateContent(BeforeCreateContentEvent $event): void
  61.     {
  62.         $contentCreateStruct $event->getContentCreateStruct();
  63.         $currentUser $this->permissionResolver->getCurrentUserReference();
  65.         if ($this->isApplicationCreateStruct($contentCreateStruct) && $this->isAnonymousUser($currentUser)) {
  66.             $mainRequest $this->requestStack->getMainRequest();
  68.             if ($mainRequest !== null) {
  69.                 $limiter $this->corporateAccountApplicationLimiter->create(
  70.                     sprintf(
  71.                         self::RATE_LIMITER_KEY_PATTERN,
  72.                         $currentUser->getUserId(),
  73.                         $mainRequest->getClientIp()
  74.                     )
  75.                 );
  77.                 if (!$limiter->consume()->isAccepted()) {
  78.                     throw new ApplicationRateLimitExceededException($limiter);
  79.                 }
  80.             }
  81.         }
  82.     }
  84.     private function isApplicationCreateStruct(ContentCreateStruct $contentCreateStruct): bool
  85.     {
  86.         return $contentCreateStruct->contentType->identifier
  87.             === $this->configuration->getApplicationContentTypeIdentifier();
  88.     }
  90.     private function isAnonymousUser(UserReference $userReference): bool
  91.     {
  92.         return $userReference->getUserId()
  93.             === $this->configResolver->getParameter('anonymous_user_id');
  94.     }
  95. }